Which security vendor brands can be spoofed in email?
Security vendors get impersonated in B2B phishing specifically because the recipient is already worried about security. A fake 'your CrowdStrike alert' email triggers a click before anyone reads the From: header. Ironic when the vendor's own DMARC isn't enforced - this category has more variance than you'd expect.
| Verdict | Domains | Criteria |
|---|---|---|
| Spoofable | 0 (0%) | No DMARC, or DMARC at p=none. Anyone can send from these domains. |
| Partial protection | 5 (33%) | DMARC at p=quarantine, or p=reject with pct<100. Spoofed mail may slip through. |
| Not practically spoofable | 10 (67%) | DMARC p=reject pct=100 + SPF -all or DKIM. Spoofed mail rejected at SMTP. |

| Brand | Domain | Verdict |
|---|---|---|
| 1Password | 1password.com | Maybe |
| Auth0 | auth0.com | Maybe |
| Bitdefender | bitdefender.com | Maybe |
| Fortinet | fortinet.com | Maybe |
| Norton | norton.com | Maybe |
| Bitwarden | bitwarden.com | Protected |
| Check Point | checkpoint.com | Protected |
| Cisco | cisco.com | Protected |
| CrowdStrike | crowdstrike.com | Protected |
| LastPass | lastpass.com | Protected |
| Okta | okta.com | Protected |
| Palo Alto Networks | paloaltonetworks.com | Protected |
| SentinelOne | sentinelone.com | Protected |
| Trend Micro | trendmicro.com | Protected |
| Twilio | twilio.com | Protected |
What does "spoofable" actually mean?
A domain is spoofable when a third party can send mail FROM addresses at that domain (e.g. [email protected]) and have it land in inboxes. The mechanism that prevents this is DMARC enforcement combined with SPF and DKIM. Without all three, receivers have no policy to apply against unauthorised senders.
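The three buckets defined on this page can be applied mechanically to a domain's raw DMARC and SPF TXT records. The following is an added example, not this site's scoring code: the function names are hypothetical, the sample records are constructed, and DKIM presence is passed in as a flag because it cannot be discovered without knowing the selector. A `p=reject`, `pct=100` domain with neither SPF `-all` nor DKIM is not covered by the page's criteria and is treated here as partial, which is an assumption.

```python
def parse_tags(record):
    """Split a 'tag=value; tag=value' DMARC record into a lowercase dict."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags

def spf_hard_fail(spf):
    """True when a v=spf1 record carries the hard-fail '-all' mechanism."""
    if not spf or not spf.strip().lower().startswith("v=spf1"):
        return False
    return "-all" in spf.lower().split()

def verdict(dmarc, spf=None, has_dkim=False):
    """Map raw TXT records onto the page's three buckets."""
    if not dmarc or not dmarc.strip().lower().startswith("v=dmarc1"):
        return "Spoofable"                  # no DMARC record published
    tags = parse_tags(dmarc)
    policy = tags.get("p", "none")
    if policy not in ("quarantine", "reject"):
        return "Spoofable"                  # p=none: monitoring only
    try:
        pct = int(tags.get("pct", "100"))   # pct defaults to 100 (RFC 7489)
    except ValueError:
        pct = 100                           # invalid tag value is ignored
    if policy == "quarantine" or pct < 100:
        return "Partial protection"
    # p=reject at pct=100: the page also requires SPF -all or DKIM.
    if spf_hard_fail(spf) or has_dkim:
        return "Not practically spoofable"
    # Assumption: this case is not named on the page; scored as partial.
    return "Partial protection"

# Constructed sample records (not real lookups for any listed vendor).
SAMPLES = {
    "no-dmarc.example": (None, "v=spf1 -all", False),
    "monitor.example": ("v=DMARC1; p=none; rua=mailto:d@monitor.example", None, True),
    "ramping.example": ("v=DMARC1; p=reject; pct=50", "v=spf1 -all", True),
    "strict.example": ("v=DMARC1; p=reject", "v=spf1 include:_spf.example.net -all", False),
}

def classify_samples():
    return {domain: verdict(*records) for domain, records in SAMPLES.items()}

if __name__ == "__main__":
    for domain, result in classify_samples().items():
        print(f"{domain:20} {result}")
```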